Can’t an app just read my private data via maid API calls and then leak it out via traditional HTTP? How can a user trust an app?
I was thinking for open-source projects you could have a way of verifying the source code generates the hash of the exe. Maybe even some kind of blockchain-based source repository/build system? So each check-in generates corresponding binaries, and we have pool consensus that given source generates given binary and hash, which I can then look up by hash.
One method is review of the code if the code is open sourced. It is hoped that all APPs that wish to be trusted will do this.
Another is review of the code by some who view their network/disk traffic while running the APP. Yes this happens in the real world and is a source of much revelation of phoning home of normal APPs. APPs on phones are just assumed to do this anyhow with all their adverts and demand for unneeded permissions.
APP stores can help by listing the APPs with reviews. (not perfect but helps)
There may be a way to “sandbox” the APPs by limiting traffic generated by SAFE APPs to only the launcher/client thus limiting traffic to the SAFE network. But of course the SAFE network can be used to leak data too.
Pool consensus can’t be relied upon when you can’t trust other nodes on the network (Why would you? 200 anonymous strangers aren’t any more trustworthy than one public (has an account and source on Github) app author).
I have concerns about apps written with node.js in that respect.
How can the app builder trust node.js? When I gave a try at compiling using npm, I was surprised by the fact “npm install” downloads a whole bunch of pieces of code from unknown (well, unknown to me) servers, without a single integrity check. How do you know that 1) you download it from the correct server, 2) the code you download was not modified, 3) the original code doesn’t phone home? (node.js is based on Chrome V8 engine, and I think everyone agrees on the fact that Google is not specially trying to protect privacy of its users, would they be coders.)
How do you know that there is not a funny piece of script that sends information that you don’t want to be sent, at some point of that huge chain of scripting?
The fact that the code is open doesn’t remove the problem that it is so huge that it would take ages to review it. I couldn’t find any serious article about this so far.
I am not familiar at all with this developing method, so I hope I can find information that can show node.js is trustable, especially with privacy protection in mind. I’d be very happy if some of you can give some insight about this.
I would assume others are similar. Anytime you phone home to a server that hosts the data they can grab essentially whatever they want…boo. Guess it would have to be somewhere within SAFE to actually be “safe”!!
An app can do whatever it wants. It is running on your local computer. I could easily make an app that sat in the background and logged all of your keystrokes and sent it to me, that’d be no problem. I could install a root CA on your system and phish your bank’s website. As an app developer, I am basically a deity if you have allowed me to run locally.
This has nothing to do with maid. This is just how apps work. You have to trust the author. As for non-authors altering the software, they should try their hardest for a (signed and unsigned) checksum and hopefully they are using a system that has repeatable builds so you could rebuild and verify against it if you were really 'noid.
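The checksum and rebuild comparison mentioned in the last post, as an added example that is not part of the thread or of any SAFE/MaidSafe code: it parses a `sha256sum`-style manifest, checks a downloaded file against it, and optionally checks a locally rebuilt file against the same digest. The file name `app.bin`, the function names and the sample bytes are constructed for illustration, and the manifest is assumed to have been authenticated already (for example by verifying the author's signature over it).

```python
import hashlib
import hmac
import os
import re
import tempfile

LINE = re.compile(r"^([0-9a-fA-F]{64}) [ *](.+)$")  # sha256sum output format

def sha256_file(path, chunk=1 << 16):
    """Stream the file so large binaries are hashed without loading them whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def parse_manifest(text):
    """Map file name -> lowercase digest; reject anything that is not a sum line."""
    entries = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        m = LINE.match(line)
        if not m:
            raise ValueError(f"malformed manifest line: {line!r}")
        entries[m.group(2)] = m.group(1).lower()
    return entries

def check_release(manifest_text, downloaded, rebuilt=None):
    """Return 'unlisted', 'mismatch', 'published-ok', 'reproduced' or 'not-reproducible'."""
    expected = parse_manifest(manifest_text).get(os.path.basename(downloaded))
    if expected is None:
        return "unlisted"          # never fall back to trusting the file
    if not hmac.compare_digest(sha256_file(downloaded), expected):
        return "mismatch"          # differs from what the author published
    if rebuilt is None:
        return "published-ok"
    same = hmac.compare_digest(sha256_file(rebuilt), expected)
    return "reproduced" if same else "not-reproducible"

def demo():
    """Constructed sample data: a stand-in 'app.bin', its manifest, then a tampered copy."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "app.bin")
        with open(path, "wb") as f:
            f.write(b"constructed release bytes\n")
        manifest = f"{sha256_file(path)}  app.bin\n"
        before = check_release(manifest, path, rebuilt=path)
        with open(path, "ab") as f:
            f.write(b"injected")
        return before, check_release(manifest, path)
```

A "not-reproducible" result only says the local build differs from the published one; build timestamps or embedded paths can cause that without any tampering, which is why the post's point about repeatable builds matters.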